RHSA-2023:3943: Moderate: ACS 4.1 enhancement and security update

The release of ACS 4.1 provides these changes:Security Fix(es): golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191) net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723) golang: net/http, net/textproto: denial of service from excessive memory allocation (CVE-2023-24534) golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption (CVE-2023-24536) golang: go/parser: Infinite loop in parsing (CVE-2023-24537) golang: html/template: backticks not treated as string delimiters (CVE-2023-24538) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.New features: Manual renewal of Central and Sensor certificates Vulnerability Management 2.0 (Technology Preview) RHACS Cloud Service scanning support for images pulled from on-premise registries eBPF collection method on IBM Z and IBM® LinuxONE Ability to configure the display of default compliance standards in the Compliance Dashboard Declarative configurations for authentication and authorization SSO configuration using the roxctl CLI New collection method based on BPF CO-RE (Technology Preview) Network graph updates Policy Management simplification New permission sets Improvements for Sensor resync (General Availability) For notable technical changes, deprecated and removed features, bug fixes, and known issues, refer to the Release Notes.